Live Coronavirus Map Used to Spread Malware

Cybercriminals constantly latch on to news items that captivate the public’s attention, but usually they do so by sensationalizing the topic or spreading misinformation about it. Recently, however, cybercrooks have started disseminating real-time, accurate information about global infection rates tied to the Coronavirus/COVID-19 pandemic in a bid to infect computers with malicious software.

A recent snapshot of the Johns Hopkins Coronavirus data map, available at coronavirus.jhu.edu.

In one scheme, an interactive dashboard of Coronavirus infections and deaths produced by Johns Hopkins University is being used in malicious Web sites (and possibly spam emails) to spread password-stealing malware.

Late last month, a member of several Russian language cybercrime forums began selling a digital Coronavirus infection kit that uses the Hopkins interactive map as part of a Java-based malware deployment scheme. The kit costs $200 if the buyer already has a Java code signing certificate, and $700 if the buyer wishes to just use the seller’s certificate.

“It loads [a] fully working online map of Corona Virus infected areas and other data,” the seller explains. “Map is resizable, interactive, and has real time data from World Health Organization and other sources. Users will think that PreLoader is actually a map, so they will open it and will spread it to their friends and it goes viral!”

The sales thread claims the customer’s payload can be bundled with the Java-based map into a filename that most Webmail providers allow in sent messages. The seller claims in a demonstration video that Gmail also allows it, but the video shows Gmail still warns recipients that downloading the specific file type in question (obscured in the video) can be harmful. The seller says the user/victim has to have Java installed for the map and exploit to work, but that it will work even on fully patched versions of Java.

“Loader loads .jar files which has real working interactive Coronavirus realtime data map and a payload (can be a separate loader),” the seller said in the video. “Loader can predownload only map and payload will be loaded after the map is launched to show map faster to users. Or vice versa payload can be predownloaded and launched first.”

It’s unclear how many takers this seller has had, but earlier this week security experts began warning of new malicious Web sites being stood up that used interactive versions of the same map to distract visitors while the sites tried to foist the password-stealing AZORult malware.

As long as this pandemic remains front-page news, malware purveyors will continue to use it as lures to snare the unwary. Keep your guard up, and avoid opening attachments sent unbidden in emails — even if they appear to come from someone you know.

A tip of the hat to @holdsecurity for a heads up about this malware offering.

COVID-19 Outbreak | Defending Against the Psychology of Fear, Uncertainty and Doubt

Earthquakes. Floods. Tsunamis. Wildfires. Landslides. Hurricanes. Tornados. SARS, H1N1 (swine flu). MERS. Ebola. HIV. AIDS. Zika. And now COVID-19, also known in the media as the coronavirus. 

Natural disasters and epidemics have much in common, including the tragic loss of human life. But there is a darker and more sinister connection–the use of this same human tragedy by bad actors to spread malware, launch phishing and spear-phishing campaigns, and commit fraud by exploiting emotion. Such is the case for the coronavirus, also known as COVID-19.

The World Health Organization (WHO) has been continuing to warn against the use of the coronavirus emergency to send phishing emails that contain malware. 

Using Fear to Aid and Abet Fraud

The bad actors don’t limit themselves to malware. The US Food and Drug Administration is also warning consumers about fraudulent products that “claim to prevent, treat, mitigate, diagnose or cure coronavirus disease 2019 (COVID-19).” It’s a full-court press when it comes to fraud.

In December of 2019, SentinelLabs released a groundbreaking report about the relationship between the cybercrime group TrickBot and North Korea, a recognized Advanced Persistent Threat (APT) actor. The use of TrickBots capabilities is magnified when the effective use of psychology is deployed against email recipients.

Recently, SentinelLabs identified a malicious campaign that uses a coronavirus healthcare notification from Canadian authorities to distribute malware aimed at financial institutions. 

Johns Hopkins University and the Center for Systems, Science, and Engineering have developed a map that models the spread of COVID-19 by country, region, state and city. As of March 10, 2020, the top countries are China, Italy, Iran, South Korea, Spain, France, Germany, the United States, and Japan. That means each country becomes the context for phishing emails that target large numbers of users.

Context is extremely important when crafting an email designed to deliver a malicious payload. Human nature has always responded to fear of loss more predictably than the potential for gain. For example, in the context of COVID-19, which email subject line would generate a higher likelihood of response?

“How to prevent the spread of the coronavirus in 3 easy steps.”

 

“URGENT: You have been in contact with a verified coronavirus patient.”

The first subject line does not create fear of loss, only the potential to gain more information about stopping the spread of the coronavirus. The second subject line attacks the heart of the matter – fear of death. A related behavior affects the belief in the scarcity of a valued item. With COVID-19, it could be the availability of test kits. 

“Don’t lose your chance to get these hard-to-find coronavirus test kits.”

The last email subject combines both fear of loss with scarcity. Thousands of years of human evolution have made us loss averse. This same evolution has also reinforced the primary purpose of our brain. And that is to keep us alive. Everything beyond that is a bonus.

It’s irrelevant that citizens can’t purchase these test kits, and that only the government has them. The fear of loss, the sense of urgency, and the amount of media dedicated to COVID-19 create conditions that override our common sense and force us to act based on primal fears. Death is the ultimate trump card.

Webinar | Employees Working From Home?
Join our experts and learn how to keep your enterprise running without being affected by the cybersecurity consequences of workforce transition.

Exploiting Human Vulnerabilities

Criminals have become more advanced in their understanding of manipulating human emotion to achieve a targeted action. Social engineering is based on the premise that I can get you to take action you believe to be trusted, but which is actually malicious, using manipulation, influence, and deceit.

Nation-state actors have long relied upon social engineering to achieve targeted goals for espionage, system compromise, election influence, and social media manipulation. Business Email Compromise (BEC) relies upon convincing the recipient of an email that a sender is a person of authority and that a particular action (like transferring hundreds of thousands of dollars) should be done. 

The number one tactic used by adversarial governments and bad actors isn’t exploiting a vulnerability. It’s exploiting human weakness. In an article I wrote for The Hill, I outlined how Russia had successfully used the first attack with the malware known as Black Energy. The initial method of compromise? A spear-phishing email sent purportedly from the Ukrainian government. The attached Excel spreadsheet asked the user to enable macros.

And just like that, the initial payload was delivered. Nothing fancy. Just a sense of urgency (Ukrainian government) overriding common sense (never enable macros from an attachment). 

Nobody is Immune To Social Engineering

The psychology of fear, uncertainty, and doubt is a powerful weapon. During my time in law enforcement, I specialized in serial crime profiling and behavioral analysis interviewing. Getting someone to click on a link in an email isn’t nearly as difficult as getting someone to confess to murdering another human being.

In the behavioral analysis interview (BAI), I analyzed the case (context) and framed my questions accordingly. The goal of the BAI is to determine if the subject is being truthful or deceptive. If the subject is being deceptive, and it appears they could have committed the crime, then it’s time to move from gathering facts to the interrogation. Not every interview leads to an interrogation, however.

During the interrogation, the goal is to cause the subject to manifest anxiety to the point that the only way to relieve it is to be truthful. I taught these same techniques at the National Security Agency to damage assessment agents who had been involved in some of the most serious espionage cases in United States history. It is the same reason an employee might click on a suspicious link, or open a malware-laden document: to find out the answer and relieve the manifested anxiety of fear, uncertainty, and doubt.

What is the moral of this story? It’s that no matter how much security awareness training you do, how many posters on cyber hygiene you plaster in your offices, or how many weekly reminders you send out in an email, in the end, hundreds of thousands of years of human behavior will eventually win out. That means fear of loss (death) and self-preservation (relieving the anxiety/stress) will trump common sense.

Fear Doesn’t Work on Machines

However, there is a silver lining to these dark clouds on our horizon. The use of Artificial Intelligence and Machine Learning has shifted the balance of power from the attackers to those being attacked. Rather than responding to and recovering from attacks, AI/ML has increased the speed and precision of detection and prevention. 

The behaviors that have been ingrained into our DNA over thousands of centuries can be counterbalanced by the deliberate application of technology. Rather than requiring a user to determine whether something is ‘safe’, it’s easier to prevent it in the first place. It is easier to prevent a ransomware attack than it is to recover from one. And it is far easier to manage good press than bad

Artificial intelligence doesn’t give in to fear. It doesn’t have human emotions to be manipulated, and it can’t contract the coronavirus. This just may be the perfect antidote to fear, uncertainty, and doubt.

Morgan is the Chief Security Advisor for SentinelOne and a Senior Fellow at the Center for Digital Government. He has testified before Congress multiple times about the security of large government systems and is currently the chief technology analyst for Fox News Channel and Fox Business Network covering cybersecurity.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

AWS launches Bottlerocket, a Linux-based OS for container hosting

AWS has launched its own open-source operating system for running containers on both virtual machines and bare metal hosts. Bottlerocket, as the new OS is called, is basically a stripped-down Linux distribution that’s akin to projects like CoreOS’s now-defunct Container Linux and Google’s container-optimized OS. The OS is currently in its developer preview phase, but you can test it as an Amazon Machine Image for EC2 (and by extension, under Amazon EKS, too).

As AWS chief evangelist Jeff Barr notes in his announcement, Bottlerocket supports Docker images and images that conform to the Open Container Initiative image format, which means it’ll basically run all Linux-based containers you can throw at it.

One feature that makes Bottlerocket stand out is that it does away with a package-based update system. Instead, it uses an image-based model that, as Barr notes, “allows for a rapid & complete rollback if necessary.” The idea here is that this makes updates easier. At the core of this update process is “The Update Framework,” an open-source project hosted by the Cloud Native Computing Foundation.

AWS says it will provide three years of support (after General Availability) for its own builds of Bottlerocket. As of now, the project is very much focused on AWS, of course, but the code is available on GitHub and chances are we will see others expand on AWS’ work.

The company is launching the project in cooperation with a number of partners, including Alcide, Armory, CrowdStrike, Datadog, New Relic, Sysdig, Tigera, Trend Micro and Waveworks.

“Container-optimized operating systems will give dev teams the additional speed and efficiency to run higher throughput workloads with better security and uptime,” said Michael Gerstenhaber, director of Product Management at Datadog.” We are excited to work with AWS on Bottlerocket, so that as customers take advantage of the increased scale they can continue to monitor these ephemeral environments with confidence.”

 

Assembled raises $3.1M led by Stripe to build ‘the operating system for support teams’

CRM software accounts for one-quarter of all enterprise IT spend. But ironically, while a lot of money is spent on platforms like Salesforce or SAP to manage incoming calls and outgoing marketing and sales activity, not a lot of attention is given to the issue of how to help the teams using all that software work better.

What are the peak times for calls? What are the most common questions? Which staff are best skilled at what kinds of questions? And who is actually working at any given time? These are just some of the issues, but in many cases, there isn’t much in the way of tools used to help with these at all — organisations often just hack a spreadsheet platform like Google Sheets or a calendar app to get by, or do nothing at all.

Today, a startup called Assembled is coming out of stealth mode to address that gap in the market, with a platform that’s built specifically to address the kinds of questions and issues that customer support teams encounter and — answered well — can help them work much better.

Out of the gate, Assembled is announcing $3.1 million in seed funding led by Stripe — where the founding team previously worked — with participation also from Basis Set Ventures, Signalfire and several angel investors (who are also mostly former Stripe employees).

Assembled’s longer-term ambition is to build tools for what co-founder Ryan Wang describes as “the logistics of customer support.”

“We want to become the operating system for support teams,” he said. Most immediately, the company’s focus will be on agent performance. “Teams want to learn about their top performers and how they spend their time, and offer data to empower their decision-making.”

Stripe — the payments and related services provider that is now valued at $35 billion — has developed a sizable operation funding startups adjacent to its own interests in cultivating relationships with startups and other smaller businesses. You could consider it a strategic investor in Assembled: alongside Grammarly, Gofundme, Hopper and Harry’s, Stripe is one of Assembled’s marquee customers.

Wang, an ex-Stripe engineer who co-founded Assembled with his brother John and Assembled’s CEO Brian Sze (both also ex-Stripe), said in an interview that the idea for the startup came directly out of the pair’s experiences as early employees at Stripe.

The approach at the startup in its early days was very grass-roots: employees would get together outside the office to go through support tickets as a way of identifying trends and to talk through them to figure out what might need fixing, how to handle issues in the future and so on.

It was probably a great way for the team to really stay in touch with what customers needed and wanted. But eventually this approach presented a problem: How do you scale this kind of process? To a tech person, the solution would be obvious: build a platform that can help you do this.

“Within the landscape of CRM, we could see that tech hadn’t really been applied to the business of supporting customer support,” Wang said. “That is why we left. We’d understood that it was a broad problem.”

A tool to help improve workforce management for customer support teams is a no-brainer for a company already trying to address these issues through its own home-baked solutions. Wang noted that one of its current customers had built out such an extensive map of data on Google Sheets trying to address customer support workforce management that “they broke Google Sheets. It was just too big.”

Indeed, Bob van Winden, Stripe’s head of operations, noted: “Millions of businesses rely on Stripe every day. To support them, we obsess over every detail of delivering fast, reliable customer service, including free 24×7 phone and chat support. This led us to Assembled, which our global support teams are using to stay coordinated and focused on helping Stripe’s users thrive.”

Less obvious is the use case when a company has never identified these issues, or sees them but haven’t made efforts to try to solve them because it seems too difficult. (The classic issues here are that Assembled is “too clever by half,” or “too ahead of its time.”) That presents both an open market for Assembled, but also a greenfield challenge.

One route to customers has been to integrate with more established CRM packages. Currently Assembled integrates with Salesforce, Kustomer and Zendesk, so that it can source data from these to provide more insights to users.

Another is to provide a set of tools that speak to the wider trend for analytics and data-based insights that can be used to improve how a company works. Indeed, just as Kustomer has disrupted the idea of a CRM being focused on a narrow funnel of inbound requests, Assembled also is rethinking how to parse data to figure out what a customer support person should be doing and when. 

The startup provides a way to forecast inbound support query volumes, and to map that into staffing plans that cover multiple channels like chat, email, phone and social media. The staffing plan, in turn, also acts as a scheduling tool to set up group and single calendars for individuals.

A team’s activity, meanwhile, is tracked through a set of metrics the whole team can see and use to calibrate their work better.

Going forward, you can imagine Assembled expanding in a couple of different directions. One might be to offer workforce management to more teams beyond customer support, but that also have to work out how to manage inbound requests and turn them into more efficient work plans. Another might be to continue expanding the kinds of tools it might provide to customer support teams to continue complementing basic CRMs, in particular as customer support comes to mean different things, depending on who the “customer” actually is.

“We see the term ‘customer support’ evolving,” Wang said. “The big struggle is what the encompassing term should be instead. Generally, our view is that we want to transform and elevate what customer support means. It’s not just about call centers, but any drivers of customer experience related to your products.”

Crafty Web Skimming Domain Spoofs “https”

Earlier today, KrebsOnSecurity alerted the 10th largest food distributor in the United States that one of its Web sites had been hacked and retrofitted with code that steals credit card and login data. While such Web site card skimming attacks are not new, this intrusion leveraged a sneaky new domain that hides quite easily in a hacked site’s source code: “http[.]ps” (the actual malicious domain does not include the brackets, which are there to keep readers from being able to click on it).

This crafty domain was hidden inside the checkout and login pages for grandwesternsteaks.com, a meat delivery service owned by Cheney Bros. Inc., a major food distributor based in Florida. Here’s what a portion of the login page looked like until earlier today when you right-clicked on the page and selected  “view-source”:

The malicious domain added to the HTML code for grandwesternsteaks.com (highlighted in orange) fetched a script that intercepted data entered by customers, including credit card details and logins. The code has since been removed from the site.

Viewing the HTML source for the malicious link highlighted in the screenshot above reveals the obfuscated card-skimming code, a snippet of which is pictured below:

The obfuscated card skimming code is full of references to “ants” and “cockroaches,” which is enough to give any site owner the heebie-jeebies.

A simple search on the malicious domain “http[.]ps” at HTML search service publicwww.com shows this code is present on nearly a dozen other sites, including a music instrument retailer, an herbal pharmacy shop in Europe, and a business in Spain that sells programmable logic controllers — expensive computers and circuit boards designed to control large industrial operations.

The http[.]ps domain is hosted in Russia, and sits on a server with one other malicious domain — autocapital[.]pw. According a Mar. 3 Twitter post by security researcher and blogger Denis Sinegubko, the autocapital domain acts as a collector of data hoovered up by the http[.]ps skimming script.

Jerome Segura over at Malwarebytes recently wrote about a similar attack in which the intruders used http[.]ps to spoof the location of a script that helps improve page load times for sites that rely on Web infrastructure firm Cloudflare.

“There is a subtle difference in the URI path loading both scripts,” Segura wrote. “The malicious one uses a clever way to turn the domain name http.ps (note the dot ‘.’ , extra ‘p’ and double slash ‘//’) into something that looks like ‘https://’. The threat actors are taking advantage of the fact that since Google Chrome version 76, the “https” scheme (and special-case subdomain “www”) is no longer shown to users.”

Segura says there are two ways e-commerce sites are being compromised here:

  • Skimming code that is injected into a self hosted JavaScript library (the jQuery library seems to be the most targeted)
  • A script that references an external JavaScript, hosted on a malicious site (in this case, http[.]ps)

Malwarebytes assesses that the tricks this domain uses to obfuscate the malicious code are tied to various site-hacking malware campaigns dating back to 2016. By the way, an installation of Malwarebytes on a test machine used for this investigation blocked the http[.]ps script from loading on each of the compromised sites I found.

Finally, the “.ps” bit of the malicious skimming domain refers to the country code top-level-domain (ccTLD) for the State of Palestine. The domain was registered on Feb. 7.

If you run an e-commerce Web site, it would be a great idea to read up on leveraging Content Security Policy (CSP) response headers and Subresource Integrity security features offered by modern Web browsers. These offer mitigation options to prevent your site from being used in these card skimming attacks. Ryan Barnett at Akamai penned a comprehensive blog post on these approaches not long ago that is well worth reading [full disclosure: Akamai is an advertiser on this site].

I’ve been playing recently with privacy.com, which among other things offers a free service that allows users to generate a unique, one-time credit card number for each online transaction (privacy.com makes money from the interchange fees paid by merchants). The beauty of this approach is if your credit card details do get swiped by one of these site skimmers, you won’t have to change your credit card information at dozens of other sites and services you frequent.

BackboneAI scores $4.7M seed to bring order to intercompany data sharing

BackboneAI, an early-stage startup that wants to help companies dealing with lots of data, particularly coming from a variety of external sources, announced a $4.7 million seed investment today.

The round was led by Fika Ventures with participation from Boldstart Ventures, Dynamo Ventures, GGV Capital, MetaProp, Spider VC and several other unnamed investors.

Company founder Rob Bailey says he has spent a lot of time in his career watching how data flows in organizations. There are still a myriad of challenges related to moving data between organizations, and that’s what his company is trying to solve. “BackboneAI is an AI platform specifically built for automating data flows within and between companies,” he said.

This could involve any number of scenarios from keeping large, complex data catalogues up-to-date to coordinating the intricate flow of construction materials between companies or content rights management across an entertainment industry.

Bailey says that he spent 18 months talking to companies before he built the product. “What we found is that every company we talked to was, in some way or another, concerned about an absolute flood of data from all these different applications and from all the companies that they’re working with externally,” he explained.

The BackboneAI platform aims to solve a number of problems related to this. For starters, it automates the acquisition of this data, usually from third parties like suppliers, customers, regulatory agencies and so forth. Then it handles ingestion of the data, and finally it takes care of a lot of actual processing from external sources, while mapping it to internal systems like the company ERP system.

As an example, he uses an industrial supply company that may deal with a million SKUs across a couple of dozen divisions. Trying to track that with manual or even legacy systems is difficult. “They take all this product data in [from external suppliers], and then process the information in their own [internal] product catalog, and then finally present that data about those products to hundreds of thousands of customers. It’s an incredibly large and challenging data problem as you’re processing millions and millions of SKUs and orders, and you have to keep that data current on a regular basis,” he explained.

The company is just getting started. It spent 2019 incubating inside of Boldstart Ventures . Today the company has close to 20 employees in New York City, and it has signed its first Fortune 500 customer. Bailey says they have 15 additional Fortune 500 companies in the pipeline. With the seed money, he hopes to build on this initial success.

MessageBird launches Inbox.ai to disrupt the customer service market

MessageBird, the Amsterdam-headquartered cloud communications platform backed by Accel in the U.S. and Europe’s Atomico, is unveiling another new product today, this time taking aim at the $350 billion customer service market.

Dubbed Inbox.ai and positioned as “Slack for external communications,” the new product — which is to be offered largely for free — enables customers to communicate with businesses via practically any channel of their choosing. This includes WhatsApp, SMS, Voice, Messenger, Instagram, WeChat, Apple Business Chat, RCS, Line and Telegram — in a bid to meet customers on their own digital, “messaging-first” turf. In terms of message content, at launch there is already support for text, images, video, geolocation and more.

And perhaps crucially, regardless of channel, incoming messages and customer conversations are presented in a single thread for easy ticketing and collaboration amongst support agents. There’s some built in intelligence, too, with “AI” promising to analyse keywords and anticipate customer needs, including providing a list of suggested replies. Agents can also drag and drop components to create auto-replies, and there’s support for things like automated NPS surveys, or rules for message routing.

As you’d expect from a company that has primarily targeted developers, Inbox.ai leverages webhooks for integration with various third-party tools used by enterprises and also comes pre-loaded with support for Shopify, Slack, Salesforce, Jira, and more. This includes the ability to have content created within Inbox.ai synced with other software used by a company for its various communication, sales and other business processes — even if over time, and for some companies, Inbox.ai may become all they need.

In a video call with MessageBird founder and CEO Robert Vis, he gave me a personal demo of Inbox.ai, including showing how quick the on-boarding process can be for a new business but also for a new customer. He had me WhatsApp a company’s support number and I could instantly see my message show up within the software and was able to send a photo to help with my request and receive other rich media in return.

Vis explained that the impetus for the new offering was his own frustration with customer support from companies in general, who, he says, haven’t adapted to the new world where customers expect to have their issues solved digitally and where it is no longer acceptable to queue for hours on hold or wait 24 hours or more for an email reply.

He says that a quick back of a napkin calculation suggests that, at the age of 35, he has already spent 2 weeks of his life on hold. He also said Inbox.ai wants to solve the continuity of support problem that typically sees customers having to re-explain their issue each time they are handed off to a different support agent or department.

“From a MessageBird perspective, we built these APIs and people [already] have the possibility to build these experiences, so why am I not living in this world?” Vis says rhetorically, after recalling a recent bad experience with his mobile telephone service provider. “I want to live in a world where I can text and have my problems easily solved… What I don’t want is for them to drop me a note into my email and then have to call them”.

So, rather than simply providing developer hooks and carrying out the infrastructure heavy-lifting, MessageBird is betting on its first user-facing product, which, I’m told, raised a few eyebrows amongst the board.

To that end, Vis told me that Inbox.ai was developed by the MessageBird team in 12 months and followed extensive research with customers, support agents and managers. Prior to launch, the software has been tested and is currently used by, HelloFresh and Deliveroo in Europe, Zilingo in Asia, and Join Buggy and Tix Telecom in Latin America.

Challenged on why nobody has really cracked this problem so far, despite a number of attempts to create a single source of customer support “truth,” Vis told me “everybody is talking about it but nobody is doing it”. That’s because you need to understand and then solve three related and difficult problems.

The first is ingesting data from all the various communication channels, for which MessageBird has previous form. The second is “experience generation”: the ability for support agents to easily communicate via rich experiences, such as images, videos, geolocation, tracking codes, discounts etc. That’s something most companies don’t have the developer resources to create, argues Vis. And thirdly is the UI, which has to allow agents to communicate and track tickets seamlessly across channels in a way that is agnostic to where those messages originate from.

“I think this is a new category, I think this is where things converge together,” adds the MessageBird CEO. “We compete with a lot of tools but we’re not any of them. We’re how we think in five years every tool is going to be”.

Electric reopens Series B to make room for Dick Costolo and Adam Bain

Electric, the platform that delivers IT services to small and medium businesses, has today announced that it has raised an additional $14.5 million on its Series B from 01 Advisors, the fund led by Twitter alums Dick Costolo and Adam Bain.

Though the funding is a part of the company’s Series B financing, founder Ryan Denehy explained that the deal was signed on an uptick in valuation, though wouldn’t elaborate further.

Electric raised a $25 million Series B led by GGV in January of 2019.

The company allows businesses with small IT teams, or no IT team, to get on the platform and either automate or manage with one click the various administrative facets of that role. Most IT tasks are focused on administration, distribution and maintenance of software programs.

Electric customers ensure that the software is installed on every corporate machine, effectively giving the top IT employee or decision-maker an easy way to grant and revoke permissions, assign roles and make sure software is up to date on various machines.

The hope is that this allows IT specialists to focus on the jobs that are best suited to their skills, such as troubleshooting, hardware installation and other more difficult tasks.

Denehy said this new fundraise was all about bringing strategic operators under the tent, not cash. He explained that at the close of last year, VCs started reaching out to get in on the company’s Series C. The team sat down for a board meeting where they weighed their options, one of which being a $40 million Series C.

“We have no immediate use for most of that money,” said Denehy. “Is it going to make our customers happy or is it going to make us a better-run company? It’s kind of a philosophical question. A lot of founders sort of equate success to the fact that they raised two rounds within six months of each other, and I just took the contrarian view. I wondered what we could actually do to make our company run better and the conclusion was to get the best business leaders and operators in tech to get around the table at our company.”

This brings Electric’s total funding to just over $50 million. Denehy says part of the reluctance around fundraising stemmed from the fact that Electric had tripled top-line growth over the past two years. But that doesn’t mean he had all the answers when it comes to hyper growth and scaling the business.

Costolo recalled when Bain first met Ryan Denehy, and came back excited about his willingness to learn.

“Ryan is a really enthusiastic founder/CEO,” said Costolo. “Some founders know they don’t have the answers to everything and that there’s still a lot to learn, and they want to learn. And Ryan is right down the middle for that.”

Costolo also explained that he’s excited about how well Electric fits in to the dogma of “software is eating the world,” automating these low-level tasks to free up resources and energy for higher-order tasks.

Costolo and Bain operate slightly unusually for a growth-stage fund (01 Advisors writes checks for later A rounds and B rounds). The duo don’t want to take board seats, as they’d rather be “sitting next to the founder instead of across the table from the founder.”

This results in a hands-on approach based on their experience as operators. Remember, Costolo grew Twitter to a market cap of $23.4 billion before stepping down, and Bain spent six years at Twitter as president of Global Revenue and Partnerships before stepping into the COO role.

Costolo and Bain have already brought their hands-on approach to Electric, having conversations with the head of HR around how to introduce HR business partners to different departments and how to scale and set goals for the enterprise sales team.

YC-backed Snapboard is a no-code platform for building internal tools

No-code tools are on the rise, and a YC-backed company called Snapboard is looking to join the fight.

Snapboard, led by solo founder Calum Moore, started when Moore decided to build one product a week for a year as a personal challenge. In the second week, he realized just how many apps and services it took not only to build the product, but to post about it on social media.

He wanted a way to manage all those apps and tools from one dashboard. So he built Snapboard.

Snapboard allows users to link and manage a wide variety of apps and platforms in a single, customizable dashboard. Users can create boards that act as internal tools without getting the product or engineering team involved for an internal project. Moore describes it as “Airtable, but with all of your data already in there.”

More than 50 apps are available on the Snapboard platform, including Shopify, Dropbox, Google Analytics, MailChimp, MongoDB, MySQL, Trello, Zendesk and many more. Moore isn’t concerned with onboarding new integrated apps for Snapboard, as most of the popular tools used by startups and tech firms are API supported.

The use cases are innumerable, which is just as challenging as it is beneficial. Moore detailed a few examples, including building boards for each individual customer, combining Stripe data with emails sent through Mail Chimp to try to target behavior.

However, the flexibility of the platform means that it can do almost anything, but only if you know what you want to do with it. It can be difficult to evangelize for something that is so nebulous, and can be used so many ways.

Moore says the key is to sprint on building out the template library for Snapboard, offering new users a multitude of options as inspiration.

Snapboard offers a free tier, and then charges $10/month/seat for more advanced features. Thus far, the company has 3,000 registered users and around 230 WAUs.

The company is targeting tech companies but sees the potential for other industries to tap into Snapboard’s internal tool-making platform.

Beyond the difficulty of messaging a platform that can be used in countless ways, Moore identifies UX design as one of the company’s greatest challenges.

“We’re taking something only developers used to be able to do and making it available for everyone else,” said Moore. “If you give a developer a platform, they’ll work their way through it. They’ll find some way to make it work. Whereas, with less technical people, they want products to be very obvious and easy to use. So, for us, it’s about delivering that kind of technical experience in a really non-technical way.”

Snapboard has raised a total of $150K from Y Combinator and will present in the upcoming demo day.

Dell spent $67B buying EMC — more than 3 years later, was it worth the debt?

Dell’s 2015 decision to buy EMC for $67 billion remains the largest pure tech deal in history, but a transaction of such magnitude created a mountain of debt for the Texas-based company and its primary backer, Silver Lake.

Dell would eventually take on close to $50 billion in debt. Years later, where are they in terms of paying that back, and has the deal paid for itself?

When EMC put itself up for sale, it was under pressure from activist investors Elliott Management to break up the company. In particular, Elliott reportedly wanted the company to sell one of its most valuable parts, VMware, which it believed would help boost EMC’s share price. (Elliott is currently turning the screws on Twitter and SoftBank.)

Whatever the reason, once the company went up for sale, Dell and private equity firm Silver Lake came ‘a callin with an offer EMC CEO Joe Tucci couldn’t refuse. The arrangement represented great returns for his shareholders, and Tucci got to exit on his terms, telling Elliott to take a hike (even if it was Elliott that got the ball rolling in the first place).

Dell eventually took itself public again in late 2018, probably to help raise some of the money it needed to pay off its debts. We are more than three years past the point where the Dell-EMC deal closed, so we decided to take a look back and see if Dell was wise to take on such debt or not.

What it got with EMC